package com.csthink.web.infrastructure.security.authentication.firewall;

import com.csthink.web.infrastructure.security.authentication.exception.RequestRejectedWithoutStackTraceException;
import org.springframework.security.web.firewall.FirewalledRequest;
import org.springframework.security.web.firewall.RequestRejectedException;
import org.springframework.security.web.firewall.StrictHttpFirewall;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * StrictHttpFirewall是Spring Security Web提供的一个HTTP防火墙(对应概念模型接口HttpFirewall)实现,
 * 该实现采用了严格模式，遇到任何可疑的请求，会通过抛出异常 RequestRejectedException拒绝该请求。
 * StrictHttpFirewall 也是 Spring Security Web 在安全过滤器代理 FilterChainProxy 内置缺省使用的HTTP防火墙机制。
 * 该防火墙定义了一系列的标准化 的URL规则，不符合规则的 URL 请求都会被拦截抛异常
 *
 * @author <a href="mailto:security.2009@live.cn">Mars</a>
 * @since 2023-09-12
 */
public class SuppressStackTraceHttpFirewall extends StrictHttpFirewall {

    @Override
    public FirewalledRequest getFirewalledRequest(HttpServletRequest request) throws RequestRejectedException {
        try {
            return super.getFirewalledRequest(request);
        } catch (RequestRejectedException e) {
            throw new RequestRejectedWithoutStackTraceException(e.getMessage());
        }
    }

    @Override
    public HttpServletResponse getFirewalledResponse(HttpServletResponse response) {
        return super.getFirewalledResponse(response);
    }
}
